System And Method For Contextual Service Delivery Via Mobile Communication Devices

ABSTRACT

A computer automated system and method comprising configuring a single or plurality of mobile devices over a network, validating the configured devices, and communicating contextual information to the configured devices. The devices are authenticated and the authentication is sent to a server over the network, when a contextual service, controlled/offered by the server through a contextual service point in communication with the server, is invoked by the configured mobile device in the vicinity of the contextual service point. The mobile device is then enabled to consume a contextual service, offered by and delivered at the contextual service point, either from within the mobile device or over the network.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a divisional of U.S. application Ser. No. 17/115,784filed Dec. 8, 2020 which is a Continuation of U.S. application Ser. No.17/013,579 filed Sep. 4, 2020, which is a Continuation of U.S.application Ser. No. 14/797,091 filed Jul. 11, 2015, and is aContinuation of U.S. application Ser. No. 14/801,385 filed on Jul. 16,2015, and is a Continuation of U.S. application Ser. No. 18/801,446filed Jul. 16, 2016, which is hereby incorporated herein by reference inthe respective entirety of each.

BACKGROUND Field

In general, the problem is to be able to detect the presence of andauthenticate a user in a context, so that some services can be deliveredto the user in that context. In the context of secure printing, thistranslates to releasing print jobs queued by the user when he is near asecure printer. In the context of boarding a plane, this translates toallowing a checked-in passenger through the boarding gate.

Related Art

Earlier, the problem would be solved in the work environment by placinga badge reader (active element) in the context, and the employeeauthenticating by showing his or her issued badge (passive element).Likewise, in the public space, an encoded token (say a boarding passwith a magnetic strip) would be issued to the user and scanned by areader at the boarding gate in conjunction with other identityestablishing mechanisms.

The issue with these mechanisms were: 1. The reader hardware had to beplaced in the context (one per printer or one per boarding gate, forexample), and the passive element would be with the user. This would addto the infrastructure cost. 2. The reader hardware had the intelligenceto read the user tag, authenticate the user/tag, and release theservice.

However, with the proliferation of mobile wireless devices, andespecially smart mobile devices, there is an opportunity to swap theactive and passive elements, thereby reducing infrastructure cost andconsolidating processing and service release at the server.

SUMMARY

Embodiments disclosed include a computer automated system comprising aprocessor, a memory, and a communication means for communicating over awired or wireless network. The computer automated system is configuredto, over the network, configure a single or plurality of mobile devices,and validate the single or plurality of configured mobile devices. Thecomputer system can further communicate contextual information to theconfigured single or plurality of mobile devices, authenticate a user ofthe single or plurality of configured mobile devices, and communicatethe contextual information and authentication information to a serverover the network. Additionally, based on an authentication status, thecomputer system is configured to allow the user to consume a contextualservice from within the mobile device or over a network.

An embodiment includes, in a computer automated system comprising aprocessor, a memory, and a communication means for communicating over awired or wireless network, a method comprising, via the network,configuring a single or plurality of mobile devices.

The method includes validating the single or plurality of configuredmobile devices, communicating contextual information to the configuredsingle or plurality of mobile devices, and authenticating a user of thesingle or plurality of configured mobile devices. The method furtherincludes communicating the context information and authenticationinformation to a server over the network. Additionally, based on anauthentication status, the method includes allowing the user to consumea contextual service from within the mobile device or over a network.

An embodiment includes a wireless communication device configured toself-configure based on instructions received over a long rangecommunication network. The device can identify itself to a contextualservice provider via the communication network, and further identify acontextual service delivery point via a short range communication means.Based on the identified contextual service delivery point, the device isconfigured to invoke the contextual service provider's service at thecontextual service delivery point via the short range communicationmeans, and further, to cause the contextual service delivery point todeliver the contextual service.

An embodiment includes, in a wireless communication device, a methodcomprising self-configuring the wireless device based on instructionsreceived over a long range communication network. The method includesidentifying the wireless device to a contextual service provider via thecommunication network, and identifying a contextual service deliverypoint via a short range communication means. Based on the identifiedcontextual service delivery point, the method includes invoking by thedevice, the contextual service provider's service at the contextualservice delivery point via the short range communication means, andcausing the contextual service delivery point to deliver the contextualservice.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates the computer automated system according to anembodiment.

FIG. 2 illustrates a flow diagram according to an embodiment of themethod.

FIG. 3 illustrates an example embodiment of the system for executing aprint job.

FIG. 4 illustrates via a flow diagram, an example embodiment forexecuting a print job.

FIG. 5 illustrates an example embodiment of the system for implementinga flight boarding application.

FIG. 6 illustrates via a flow diagram, an example embodiment forimplementing the flight boarding application.

DETAILED DESCRIPTION

Specific embodiments of the invention will now be described in detailwith reference to the accompanying figures. Like elements in the variousfigures are denoted by like reference numerals for consistency.

In the following detailed description of embodiments of the invention,numerous specific details are set forth in order to provide a morethorough understanding of the invention. In other instances, well-knownfeatures have not been described in detail to avoid obscuring theinvention.

Embodiments disclosed include a computer automated system comprising aprocessor, a memory, and a communication means for communicating over awired or wireless network. The computer automated system is configuredto, over the network, configure a single or plurality of mobile devices,and validate the single or plurality of configured mobile devices. Thecomputer system can further communicate contextual information to theconfigured single or plurality of mobile devices, authenticate a user ofthe single or plurality of configured mobile devices, and communicatethe contextual information and authentication information to a serverover the network. Additionally, based on an authentication status, thecomputer system is configured to allow the user to consume a contextualservice from within the mobile device or over the network.

FIG. 1 illustrates the computer automated system according to anembodiment. The system 100 includes a single or plurality of mobiledevices 101 each of which comprise a short range communicationcapability (SRCC) and an SRCC triggered application 102, SRCC tag readersoftware 103 and a user authentication graphical user interface 104. Thesystem includes a contextual service point 105, the location where thecontextual service is invoked by the mobile device and is executed anddelivered. The contextual service point comprises a passive SRCC tag106. Additionally, contextual service server 107 comprises an SRCC tagto service point map 108, an SRCC tag authentication software 109, anduser authentication software 110. The mobile devices 102 and thecontextual service point 105 communicate with contextual service server107 via communication link 111.

According to an embodiment, the computer system is configured to allowthe user to queue a print job to the server via the configured andauthenticated single or plurality of mobile devices. Preferably, theprint job is invoked via an NFC tag attached to a printer and theconfigured mobile device, such that the configured mobile device iscaused to read the NFC tag and communicate the tag information to theserver via the network. In an embodiment, the server is furtherconfigured to recognize the user mobile device at the printer, and toidentify the printer by authenticating the NFC tag attached to theprinter. Further, the server can authenticate the user mobile device atthe printer, queue the print job invoked by the user mobile device, andrelease via the network, instructions to the printer to execute thequeued print job. The computer system can configure the mobile devicesvia the network, wherein the user is authorized to queue a secure printjob to the server via the configured and authenticated single orplurality of mobile devices.

According to an embodiment, the secure print job is invoked via an NFCtag attached to a printer and the configured mobile device, such thatthe configured mobile device is caused to read the NFC tag andcommunicate the tag information to the server via the network. In thecomputer system, the server is further configured to recognize the usermobile device at the printer, via the network. The server can alsoidentify the printer. In one embodiment, the printer is identified byauthenticating the NFC tag attached to the printer. And the servercorrespondingly authenticates the user mobile device at the printer. Thequeued secure print job invoked by the user mobile device, uponauthentication of the mobile device, is released to the printer forprinting.

FIG. 3 illustrates an example embodiment of the system for executing aprint job. The system 300 comprises mobile communication device 301which includes an NFC triggered application 302, which is run by NFC tagreader software 303 and further includes a user authentication graphicaluser interface 304. Printer 305 also includes NFC tag 306 coupled to thesaid printer, and both the mobile device 301 and printer 305 comprisemeans for communicating over the network 311 with print server 307.Print server 307 comprises a directory of printers in the network,mapped to their corresponding NFG tags 308. Further, print server 307comprises NFC tag authentication software 309, and user authenticationsoftware 310.

An alternate embodiment includes a computer system configured to allowthe user to board a flight using a mobile application by communicatingto the server via the configured and authenticated single or pluralityof mobile devices. Flight boarding/check-in is invoked via an NFC tagattached to a flight boarding gate counter. In the embodiment, theconfigured mobile device is caused to read the NFC tag and communicatethe tag information to an airline server via the network. The server isfurther configured to recognize the user mobile device at the flightboarding gate counter, and identify the flight boarding gate and flightby authenticating the NFC tag attached to the flight boarding gatecounter. Additionally, the server can, via the network, authenticate theuser mobile device at the flight boarding gate, and check-in the userfor flight boarding invoked by the user mobile device. A checked-in useris then allowed to board the flight, wherein the check-in procedure isinvoked by the user mobile device.

FIG. 5 illustrates an example embodiment of the system for implementinga flight boarding application. The system 500 comprises mobilecommunication device 501 which includes an NFC triggered application502, which is run by NFC tag reader software 503 and further includes auser authentication graphical user interface 504. Aircraft boardingpoint 505 also includes NFC tag 506 coupled to the said Aircraftboarding point, and both the mobile device 501 and Aircraft boardingpoint 505 comprise means for communicating over the network 511 withAirline server 507. Airline server 507 comprises a directory of Aircraftboarding points in the network, mapped to their corresponding NFC tags508. Further, Airline server 507 comprises NFC tag authenticationsoftware 509, and user authentication software 510.

An embodiment includes, in a computer automated system comprising aprocessor, a memory, and a communication means for communicating over awired or wireless network, a method comprising, via the network,configuring a single or plurality of mobile devices. The method furthercomprises validating the single or plurality of configured mobiledevices, and communicating contextual information to the configuredsingle or plurality of mobile devices. The method can includeconfiguring the computer system for authenticating a user of the singleor plurality of configured mobile devices, and communicating thecontextual and authentication information to a server over the network.Additionally, and based on an authentication status, the method includesallowing the user to consume a contextual service from within the mobiledevice or over a network.

FIG. 2 illustrates via a flow diagram an embodiment of the method. Step201 includes approaching a short range communication vicinity of thecontextual service point 105. Step 202 includes reading the passive SRCCtag 106 by the mobile device 101, and based on the read tag, invokingthe contextual application 102 in the device. Step 203 includescollecting user credentials, reading the SRCC tag ID and the contextualservice point code or/and contextual service point IP address from thepassive SRCC tag by the mobile device, and sending the read informationto the server 107 over the network 111. Step 204 includes receiving anauthentication message from the server 107 if the SRCC tag, usercredentials, and retrieved contextual service point IP address are allauthentic. Step 205 includes accepting or rejecting the requesting user,depending on the authenticity check conducted in step 204. Ifauthenticated, step 206 includes releasing a queued service request bythe server 107, and executing and delivering the contextual service tothe user at contextual service point 105.

According to an embodiment, the method includes allowing the user toqueue a print job to the server via the configured and authenticatedsingle or plurality of mobile devices. Preferably, the print job isinvoked via an NFC tag attached to a printer and the configured mobiledevice, such that the configured mobile device is caused to read the NFCtag and communicate the tag information to the server via the network.In an embodiment, the method includes, via the server, recognizing theuser mobile device at the printer, and identifying the printer byauthenticating the NFC tag attached to the printer. Further according toan embodiment, the method includes, via the server, authenticating theuser mobile device at the printer, queuing the print job invoked by theuser mobile device, and releasing via the network, instructions to theprinter to execute the queued print job. Additionally, the methodincludes configuring the mobile devices via the network, wherein theuser is authorized to queue a secure print job to the server via theconfigured and authenticated single or plurality of mobile devices.

According to an embodiment, the method includes invoking the secureprint job via an NFC tag attached to a printer and the configured mobiledevice, such that the configured mobile device is caused to read the NFCtag and communicate the tag information to the server via the network.Preferably, in the computer implemented method, the server is furtherconfigured for recognizing the user mobile device at the printer, viathe network. The server can also identify the printer. In oneembodiment, the printer is identified by authenticating the NFC tagattached to the printer. And the server correspondingly authenticatesthe user mobile device at the printer. The queued secure print jobinvoked by the user mobile device, upon authentication of the mobiledevice, is released to the printer for printing.

FIG. 4 illustrates via a flow diagram, an example embodiment forexecuting a print job. Step 401 includes approaching a short rangecommunication vicinity (in this case an NFC tag) of secure printer 305.Step 402 includes reading the NFC tag 306 by the mobile device 301, andbased on the read tag, invoking the contextual application 302 in thedevice. Step 403 includes collecting user credentials, reading the NFCtag ID and the printer code or/and printer IP address from the NFC tag306, and sending the read information to the server 307 over thenetwork. Step 404 includes receiving an authentication message from theserver 307 if the NFC tag, user credentials, and retrieved printer IPaddress are all authentic. Step 405 includes accepting or rejecting therequesting user, depending on the authenticity check conducted in step404. If authenticated, step 406 includes releasing a queued print job bythe server 307, and printing the print job at the authenticated printer305.

An alternate embodiment includes a computer implemented method forallowing the user to board a flight using a mobile application bycommunicating to the server via the configured and authenticated singleor plurality of mobile devices. Flight boarding/check-in is invoked viaan NFC tag attached to a flight boarding gate counter and the configuredmobile device, such that the configured mobile device is caused to readthe NFC tag and communicate the tag information to an airline server viathe network. The method includes, via the server, recognizing the usermobile device at the flight boarding gate counter, and identifying theflight boarding gate and flight by authenticating the NFC tag attachedto the flight boarding gate counter. Additionally, the method includes,via the network, authenticating the user mobile device at the flightboarding gate, and checking-in the user for flight boarding invoked bythe user mobile device. A checked-in user is then allowed to board theflight, wherein the check-in procedure is invoked by the user mobiledevice.

FIG. 6 illustrates via a flow diagram, an example embodiment forimplementing the flight boarding application. Step 601 includesapproaching a short range communication vicinity (in this case an NFCtag) of the aircraft boarding point 505. Step 602 includes reading theNFC tag 506 by the mobile device, and based on the read tag, invokingthe contextual application 502 in the device 501. Step 603 includescollecting user credentials, reading the NFC tag ID and the Aircraftboarding point code or/and Aircraft boarding point IP address from theNFC tag, and sending the read information to the server 507 over thenetwork. Step 604 includes receiving an authentication message from theserver 507 if the NFC tag, user credentials, and retrieved Aircraftboarding point IP address are all authentic. Step 605 includes acceptingor rejecting the requesting user, depending on the authenticity checkconducted in step 604. If authenticated, step 606 includes releasing theauthenticated requesting user, beyond the boarding point, allowing themto proceed with boarding.

Embodiments disclosed eliminate the need for reader hardware to becoupled to the contextual service point (for example, at each networkedprinter or at each boarding gate). This is because the user's device nowcomprises the active element of the short range communicationscapability, thus drastically reducing the infrastructure cost, therebyconsolidating processing and service release at the server.

Example embodiments show how several near field communication protocols,can be combined with mobile operating systems and leveraged to invoke arelevant contextual service at a contextual service point or area, basedon a monitored short range communication. Additionally, the major mobileoperating systems are leveraged to monitor the communication channel andvia passive NFC tags determine a tag ID to identify the tag, anauthentication token that can be used to authenticate the tag, anapplication identifier in a format understood and used by the mobileoperating system to invoke a relevant application, and any otheradditional context information that can be read by the application.

Once the mobile device is in proximity of the NFC tag, the mobileoperating system invokes the relevant app and passes all the otherparameters above to it for further processing. From a usabilityperspective, the OS even prompts the user to download and install therelevant app to the user device, if not already present. The apppresents the graphical user interface which allows the user to providehis credentials. The app now has three raw pieces of information—theuser credentials, the tag information, and the additional contextinformation, in addition to having established presence of the user inthe context due to the nature of the technology. The app sends all ofthe information to the server, which authenticates the user and the tag.Once authenticated, it can use the additional context information todeliver the service in the context.

Embodiments disclosed enable pull print solutions, allowing users toqueue print jobs to a server for secure printing using a mobile appafter authenticating the user. Embodiments enable location agnosticcontextual service points (printers, boarding gates, etc.) wherein theserver combines information of user identity at a printer with passiveSRCC (NFC) tag associated with the printer, identifying both the userand the printer. Embodiments enable queuing of jobs to the server viathe user mobile device, and secure release by the server of the queuedjob at the contextual service point (printer, boarding gate, etc.)

Since various possible embodiments might be made of the above invention,and since various changes might be made in the embodiments above setforth, it is to be understood that all matter herein described or shownin the accompanying drawings is to be interpreted as illustrative andnot to be considered in a limiting sense. Thus it will be understood bythose skilled in the art that although the preferred and alternateembodiments have been shown and described in accordance with the PatentStatutes, the invention is not limited thereto or thereby.

The figures illustrate the architecture, functionality, and operation ofpossible implementations of systems and methods according to variousembodiments of the present invention. It should also be noted that, insome alternative implementations, the functions noted/illustrated mayoccur out of the order noted in the figures. For example, two blocksshown in succession may, in fact, be executed substantiallyconcurrently, or the blocks may sometimes be executed in the reverseorder, depending upon the functionality involved.

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of the invention. Asused herein, the singular forms “a”, “an” and “the” are intended toinclude the plural forms as well, unless the context clearly indicatesotherwise. It will be further understood that the terms “comprises”and/or “comprising,” when used in this specification, specify thepresence of stated features, integers, steps, operations, elements,and/or components, but do not preclude the presence or addition of oneor more other features, integers, steps, operations, elements,components, and/or groups thereof.

In general, the steps executed to implement the embodiments of theinvention, may be part of an automated or manual embodiment, andprogrammable to follow a sequence of desirable instructions.

The present invention and some of its advantages have been described indetail for some embodiments. It should be understood that although someexample embodiments specifically disclose systems and methods ofcontextual services using near field communication technology, thedisclosed system and method is highly reconfigurable, and embodimentsinclude reconfigurable systems that may be dynamically adapted to beused in other contexts as well. It should also be understood thatvarious changes, substitutions and alterations can be made hereinwithout departing from the spirit and scope of the invention as definedby the appended claims. An embodiment of the invention may achievemultiple objectives, but not every embodiment falling within the scopeof the attached claims will achieve every objective. Moreover, the scopeof the present application is not intended to be limited to theparticular embodiments of the process, machine, manufacture, andcomposition of matter, means, methods and steps described in thespecification. A person having ordinary skill in the art will readilyappreciate from the disclosure of the present invention that processes,machines, manufacture, compositions of matter, means, methods, or steps,presently existing or later to be developed are equivalent to, and fallwithin the scope of, what is claimed. Accordingly, the appended claimsare intended to include within their scope such processes, machines,manufacture, compositions of matter, means, methods, or steps.

We claim:
 1. A computer automated system for processing financial transactions, comprising: a processor; a memory; encoded instructions stored in the memory which when implemented by the processor cause the computer automated system to: authenticate a contextual service delivery device via a payment terminal comprised in a pre-configured mobile device; send an authenticated contextual service delivery device credential to the computer automated system by the payment terminal; authenticate the contextual service delivery device and process a user tag data and additional context info relating to a financial account associated with the contextual service delivery device by the computer automated system; release a payment authorization information to the contextual service delivery device by the computer automated system; and display a transaction information on the payment terminal.
 2. The computer automated system of claim 1 wherein: the pre-configured mobile device further comprises a central processing unit and a secure element; and wherein the pre-configuration comprises invoking a computer program product in the contextual service delivery device.
 3. The computer automated system of claim 1 further comprising sending via the payment terminal, an authenticated merchant credential, a read short range communications tag data from the contextual service delivery device, a context service point code, and an additional context info relating to a financial account associated with the contextual service delivery device to the computer automated system.
 4. The computer automated system of claim 1 wherein authenticating the contextual service delivery device and processing the user tag data by the computer automated system further comprises authenticating and retrieving a unique address of the contextual service device by the payment terminal, and receiving a transaction authorization from a financial institution related to a financial account associated with the contextual service delivery device.
 5. The computer automated system of claim 1 wherein releasing a payment authorization information to the contextual service delivery device by the computer automated system comprises releasing a transaction receipt to the contextual service delivery device by the computer automated system.
 6. The computer automated system of claim 1 wherein the computer automated system is further caused to: in response to an authenticated contextual service delivery device and processed contextual service delivery device tag data and additional context info relating to the financial account, dispense a currency amount by a currency dispensing machine operatively coupled to the payment terminal.
 7. The computer automated system of claim 1 wherein: the computer automated system comprises a payment server; the payment terminal comprises an active or passive short range communication means to connect the contextual service delivery device to the payment server; and the release of payment authorization information to the payment terminal is in response to a payment request initiated by the contextual service delivery device.
 8. The computer automated system of claim 1 wherein the contextual service delivery device is a pre-configured contextual service delivery device; and wherein the contextual service delivery device is comprised in a mobile device.
 9. The computer automated system of claim 1 wherein the received credential via the contextual service delivery device comprises a read short range communication tag ID, a context service point code, and an IP address.
 10. A computer implemented method for processing financial transactions, comprising: authenticating a contextual service delivery device via a payment terminal comprised in a pre-configured mobile device; sending an authenticated user credential to a computer automated system via the payment terminal; authenticating the contextual service delivery device and processing a contextual service delivery device tag data and additional context info relating to a financial account associated with the contextual service delivery device, by the computer automated system; releasing a payment authorization information to the contextual service delivery device by the computer automated system; and displaying a transaction information on the payment terminal.
 11. The computer implemented method of claim 10 wherein: the pre-configured mobile device further comprises a central processing unit and a secure element; and wherein the pre-configuration comprises invoking a computer program product in the contextual service delivery device.
 12. The computer implemented method of claim 10 further comprising sending via the payment terminal, an authenticated merchant credential, a read short range communications tag data from the contextual service delivery device, a context service point code, and an additional context info relating to a financial account associated with the contextual service delivery device to the computer automated system.
 13. The computer implemented method of claim 10 wherein authenticating the contextual service delivery device and processing the tag data by the computer automated system further comprises authenticating and retrieving a unique address of the contextual service device by the payment terminal, and receiving a transaction authorization from a financial institution related to a financial account associated with the contextual service delivery device.
 14. The computer implemented method of claim 10 wherein releasing a payment authorization information to the contextual service delivery device by the computer automated system comprises releasing a transaction receipt to the contextual service delivery device by the computer automated system.
 15. The computer implemented method of claim 10 further comprising: in response to an authenticated contextual service delivery device and processed tag data and additional context info relating to the financial account, dispensing a currency amount by a currency dispensing machine operatively coupled to the payment terminal.
 16. The computer implemented method of claim 10 wherein: the computer automated system comprises a payment server; the contextual service delivery device comprises an active or passive short range communication means to connect to the payment server; and the release of payment authorization information to the contextual service delivery device is in response to a payment request initiated by the user mobile device.
 17. The computer implemented method of claim 10 further comprising pre-configuring the contextual service delivery device; and wherein the contextual service delivery device is comprised in a mobile device.
 18. The computer implemented method of claim 10 wherein receiving the credential via the contextual service delivery device comprises receiving a read short range communication tag ID, a context service point code and an IP address.
 19. In a computer automated system for processing financial transactions, a mobile device configured to: authenticate itself to a payment server via a payment terminal; wherein the mobile device is configured to authenticate itself via active or passive short range communication configuration comprised in the mobile device and the payment terminal; send an authenticated user credential to the payment server via the payment terminal; receive a payment authorization information from the payment server; display a transaction information on the user mobile device; and wherein the payment authorization information from the payment server is in response to a payment request initiated by the mobile device. 